Cannot create certificate using ddns

Hello, I’m trying to set up a small home server which should be reachable publicly.

  1. ran the docker command from How to Install the Nextcloud All-in-One on Linux - Nextcloud
  2. forwarded the mentioned ports in my router and tested successfully with telnet
  3. In order to obtain a certificate, I followed the instructions in the console and opened the corresponding URL in my browser.
    I get this error:
[Sun Jul 30 20:33:05.817938 2023] [core:notice] [pid 115:tid 548424269920] AH00094: Command line: 'httpd -D FOREGROUND'
{"level":"error","ts":1690749225.2060425,"logger":"http.acme_client","msg":"challenge failed","identifier":"<censored>","challenge_type":"http-01","problem":{"type":"urn:ietf:params:acme:error:connection","title":"","detail":" Fetching http://<censored> Error getting validation data","instance":"","subproblems":[]}}
{"level":"error","ts":1690749225.2068815,"logger":"http.acme_client","msg":"validating authorization","identifier":"<censored>","problem":{"type":"urn:ietf:params:acme:error:connection","title":"","detail":" Fetching http://<censored> Error getting validation data","instance":"","subproblems":[]},"order":"","attempt":1,"max_attempts":3}
{"level":"error","ts":1690749225.2076628,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"<censored>","issuer":"","error":"HTTP 400 urn:ietf:params:acme:error:connection - Fetching http://<censored> Error getting validation data"}
{"level":"error","ts":1690749225.2077765,"logger":"tls.obtain","msg":"will retry","error":"[<censored>] Obtain: [<censored>] solving challenge: <censored> [<censored>] authorization failed: HTTP 400 urn:ietf:params:acme:error:connection - Fetching http://<censored> Error getting validation data (ca=","attempt":1,"retrying_in":60,"elapsed":1.897703054,"max_duration":2592000}

I’ve tried other ddns providers, but the error looked the same. The ddns accounts are all brand new, can that play a role?

What am I doing wrong?

Hi, see What can I do when Nextcloud is not reachable via my domain or if I get `SSL_ERROR_INTERNAL_ERROR_ALERT` when opening my Nextcloud domain? · nextcloud/all-in-one · Discussion #2105 · GitHub

Thank you, I likely forgot to forward port 443. After doing so, I’m getting these errors:

{"level":"error","ts":1690838695.2449262,"logger":"tls.obtain","msg":"will retry","error":"[] Obtain: subject does not qualify for a public certificate:","attempt":1,"retrying_in":60,"elapsed":0.000941795,"max_duration":2592000}

Is there any example with a ddns provider which is confirmed working? I can’t find any, maybe it’s just an issue with duckdns though?

Push, sorry for bothering, but I can’t find any working example/guide of this setup method. Is there any other way to set up AIO with SSL encryption?

EDIT: I’ve reset the port forwarding in my router, made sure 443, 8080, 8443 and 80 are forwarded, and then SSL worked. Thanks.
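
A log triage sketch for the kind of ACME errors posted in this thread, added here as an example (it is not from the posters or from the Nextcloud AIO project). It reads JSON log lines of the shape shown above and maps the RFC 8555 problem type to the setting to check; the function name `triage`, the hint wording and the hostname `example.duckdns.org` are assumptions made for the example.

```python
import json

# RFC 8555 (section 6.7) problem types seen during validation, mapped to the
# check each one points to. The hint texts are this example's own wording.
ACME_HINTS = {
    "urn:ietf:params:acme:error:connection":
        "CA could not connect: check router/firewall forwarding "
        "(port 80 for http-01, port 443 for tls-alpn-01)",
    "urn:ietf:params:acme:error:dns":
        "CA had a DNS problem: check that the DDNS record resolves publicly",
}

def triage(lines):
    """Return one finding per 'challenge failed' entry in JSON log lines."""
    findings = []
    for line in lines:
        line = line.strip()
        if not line.startswith("{"):
            continue  # skip non-JSON lines (e.g. Apache notices in the same console)
        try:
            entry = json.loads(line)
        except json.JSONDecodeError:
            continue  # truncated or interleaved output
        if entry.get("msg") != "challenge failed":
            continue  # 'will retry' etc. repeat the same problem; count it once
        ptype = entry.get("problem", {}).get("type", "")
        findings.append({
            "identifier": entry.get("identifier"),
            "challenge": entry.get("challenge_type"),
            "type": ptype,
            "hint": ACME_HINTS.get(ptype, "unmapped type: read problem.detail"),
        })
    return findings

# Constructed sample input modelled on the log lines in the first post.
SAMPLE = [
    "[Sun Jul 30 20:33:05 2023] [core:notice] AH00094: Command line: 'httpd -D FOREGROUND'",
    '{"level":"error","logger":"http.acme_client","msg":"challenge failed",'
    '"identifier":"example.duckdns.org","challenge_type":"http-01",'
    '"problem":{"type":"urn:ietf:params:acme:error:connection","detail":"Error getting validation data"}}',
    '{"level":"error","logger":"tls.obtain","msg":"will retry","attempt":1,"retrying_in":60}',
]

if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f"{f['identifier']} [{f['challenge']}]: {f['hint']}")
```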

